The desktop firewall policy has been updated for the most recent Java release:
Java 8u77 released last Wednesday (the 23rd), the fleet should be getting rolled to the new version this coming Tuesday evening as part of our normal update process.
GPOs to mitigate Locky (a newer piece of ransomware that encrypts files) will be implemented at the end of the day for the following units:
Academic Affairs
Academic Programs
Alumni Relations
Board of Trustees
Counseling and Psychological Services
Enrollment Management
Finance and Administration
Financial Aid and Scholarships
Graduate School
Information Services
Institutional Research
International Programs
Office of Admissions
Office of Audit Services
Office of the General Counsel
Office of the President
Office of the Provost
Office of the Registrar
Research Office
Student Affairs
Student Life
Undergraduate Studies
University Shared Services Enterprise
The specific settings that the GPOs enforce are:
For unsigned macros that need to run, there are two routes to get things enabled:
Option one: digitally sign the macros. Folks can request a code signing cert via the process at http://is.oregonstate.edu/dca-support/dca-service-request-forms/webform/incommon-ssl-certificate-request-preferred-ssl-option
Once the macro is signed, it will be able to run normally.
Option two: put the file in question in a trusted location. Trusted locations should be used as sparingly as possible. Never set up the built in downloads/documents/other common folders as trusted, as it means all outside files will be trusted by default!
To add a trusted location to any office application:
File -> Options
Click on the Trust Center heading on the left
Click on the Trust Center Settings… button to open the trust center
Click on the Trusted Locations heading on the left
If you will be adding a network location, you must check the “Allow Trusted Locations on my network (not recommended)” box first
Click on the Add new location…
Enter the path to the trusted folder, or browse to it
If subfolders of that folder should also be trusted, there is an option for that
(optional) Enter a description
Click on OK/OK/OK to close out of the Trust Center
Reopen any documents in the newly trusted locations
What
Access 2010 bad patch (KB3085515) removal. With the patch in place, customers are NOT able to utilize their Access 2010 database files.
The impacted customers will be sent an e-mail, based on distribution lists created by David and Keenan.
When
Tuesday March 22nd, starting at 10pm
Why
Remove the bad patch that Microsoft pushed out. Allow customers to use their Access databases from Access 2010.
Completed internally
Tested on CN test machine with Access 2010.
Keenan worked with customers to test the removal process developed by Jim Galloway.
Impact
Customers that have Access 2010 currently.
Access 2010 does NOT restart.
Computer does NOT restart.
List of customer machines –
\\software.oregonstate.edu\SCCMStaging\Office Patches\KB3085515 Removal\office_x86.xlsx
Master ticket
https://helpdesk.oregonstate.edu/otrs/index.pl?Action=AgentTicketZoom&TicketID=384457&ArticleID=1497189
Let me know if you have any questions, concerns, ideas, existential angst, etc.
Colleagues
What
A new template for new ticket creations from the Base Team button on Referral tool. See attachments.
This template has the following data and it’s expected that you fill in that information.
Problem Description:
Machine info
Inventory ID (if existing equipment):
Device type (laptop, desktop, phone, tablet, etc.):
Device OS:
Printer info (if applicable):
IP address:
Make, model:
Actions/troubleshooting I performed:
Currently in progress:
Left to do:
Who does this impact?
Anyone that makes tickets that go into the Base Team queue.
When
Today, Monday March 7th at 4pm
Why?
Additional details are helpful for everyone involved – machine details help people visiting the customer know what they are looking for, need to transport, what type of equipment the customer is using, etc.
The template makes is easier to find that information too and pass it off to another person as needed.
